package com.cimr.comm.controller;

import com.cimr.comm.Constants;
import com.cimr.comm.dto.HttpResult;
import com.cimr.comm.token.TokenUtil;
import org.apache.shiro.SecurityUtils;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

/**
 * Created by liqi on 2018/2/5.
 * liqiwork@qq.com
 */
@Controller
@RequestMapping("/permission/ajax")
public class PermissionAjaxController {
    @RequestMapping({"hasPermission"})
    @ResponseBody
    public HttpResult hasPermission(@RequestParam(required = true) String permissionKey) {
        HttpResult result = new HttpResult(true, "");
        if (TokenUtil.isAdministrator() || SecurityUtils.getSubject().isPermitted(Constants.OPERATION_PASSKEY) || SecurityUtils.getSubject().isPermitted(permissionKey)) {
//        if (TokenUtil.isAdministrator() || SecurityUtils.getSubject().isPermitted(permissionKey)) {
            result.setData(true);
        } else {
            result.setData(false);
        }
        return result;
    }

    @RequestMapping({"isAdministrator"})
    @ResponseBody
    public HttpResult isAdministrator() {
        HttpResult result = new HttpResult(true, "");
        if (TokenUtil.isAdministrator()) {
            result.setData(true);
        } else {
            result.setData(false);
        }
        return result;
    }

}
